Authorization Management is the Key to Smooth But Secure Payments
If you happen to be a fraudster, it’s likely that you are loving all the ways the industry is making it easier for people to pay. The less friction in a payment, the quicker the money moves, and the more opportunity you have to intersect with fraud and move the money away before anyone notices.
On our side of the battle, payments professionals face a daily challenge; how to balance easy access to payments and smooth transactions, with robust fraud defenses?
It’s no secret that with the new, fast and open payments ecosystem, a new set of fraud threats is materialising. Financial institutions and intermediaries are faced with an unprecedented range of technologies and form factors, thanks to the digital transformation of commerce. The system is increasingly fragmented, and to top it off, now we have to combat fraud in real-time.
It’s unsurprising that Card Not Present fraud is on the rise; overall transaction volumes of CNP are increasing as we adopt multiple payments services including mobile payments, digital wallets, social payments and more. That’s not even including the potential explosion in micro-payments from connected devices as the Internet of Things becomes an everyday reality.
Fraud prevention is like an arms-race - it might seem like this diversification of payments technology just means more potential avenues for fraudsters’ attacks. But at the same time they have been developing phishing, malware and bots, the payments industry has been investing in machine learning and AI, encryption and tokenisation, Multi-Factor and Knowledge Based Authentication.
Resilience in Real-Time
Now the next big challenge is developing robust security for immediate payments. Real-time payments require real-time fraud prevention. This begins pre-payment, with payments providers investing in message encryption, digital certificates, and data capture. In its first incarnation, immediate payments will be initiated by consumers and corporates. Merchants will join the immediate payments revolution later than their ecosystem partners. In a real-time world, it’s not enough to focus fraud prevention on just the payments experience. Fraud prevention has to be considered end-to-end in the same way as customer experience. Strong authentication will be a major factor in achieving a secure transaction—within an excellent customer experience.
Finding the friction sweet spot
In the new payments ecosystem, strong authentication will no longer be needed for each transaction. If it is performed once, then payments to known receivers can flow freely. What will be key is authentication and authorisation management through monitoring relevant data. The implementation of global account numbers, predictive analytics, actionable alerting rules, and behavioural profiling will mean that authentication and authorisation can be streamlined to reduce unnecessary, repetitive checks. This will have positive impacts for merchants and their abandoned basket rates – a smoother purchasing process reduces customer drop-off.
The complication lies in balancing all the ways that customers want to pay...with security. Payments are open, with this openness being driven by consumer demand and regulators. PSD2 aims to drive open payments to encourage innovation in a traditionally staid industry. The mandate looks to support an open and secure payments ecosystem through its requirements for strong authentication. But PSD2’s goals for open banking will not succeed without frictionless authentication and a system of trust. The challenge for all financial institutions and intermediaries is to find just the right amount of friction for it to be smooth yetsecure. We want frictionless, but not so it feels like pickpocketing.
Find out more about how you can achieve frictionless fraud prevention with the latest eBook from our New Payments Ecosystem series: SECURE! How real-time and openness change the payment fraud ecosystem.
Related Blog Posts
Why its Never Too Late for Women to Join STEM Professions
With ACI’s fourth Coding for Girls Camp coming up on April 21st, ACI’s Sampy Gajre, senior recruiter and an eternal advocate for women in tech professions, talked to us about the challenges and opportunities for women in STEM (science, technology, engineering, mathematics) professions. She shared with us what organizations and communities can do to help encourage more women to join the field, and why it’s never too late to follow your passion.
Maintain Vs. Invest: What the Digital Era Ushers in for Banks
Taking place this week in Brussels, the European Credit Research Institute (ECRI) will host a high-level debate on how policymakers can build on the process of digitalisation of banks to raise competitiveness in light of increased competition from fintech start-ups and tech giants.
The Climate, Weather and Payments – What the Winds Tell Us?
I am sitting in my home watching snow fall, it’s April and I just spent the weekend prepping my yard for the upcoming summer season. To say the weather patterns are odd is an understatement. The global climate is warming as we know. And though you don’t see it on a day to day basis, it seems to hit more regularly than in the past, with freakish events, colds snaps, warm spells and snow storms in April. And on this occasion, it had me thinking about our current environment in payments. We are seeing a fundamental change to our ecosystem with technology advancements like Open APIs, big data, AI and foundational changes like Immediate Payment initiatives and regulatory pushes.
Ursinus College: The Future of Campus Commerce is in the Cloud
Sixty-eight percent of schools are moving eCommerce to the cloudi. As Ellucian Live begins to descend upon San Diego this week, ACI’s Gene Scriven took a moment to chat with Ellen Curcio, Director of Student Accounts at Ursinus College, about the future of campus commerce.
Be sure to catch Ellen and Gene, as well as ACI partner and host Ellucian at the event on Wednesday, April 11, for a panel discussion on “The Future of eCommerce in the Cloud.”
Driving IoT Progress at Mobile World Congress
I felt fortunate to be among the 107,000 delegates from 205 countries attending this year’s Mobile World Congress, held earlier this month in surprisingly chilly Barcelona.
Showcasing everything from connected cars, to virtual reality, 3D printing to amazing app ideas—the exhibition and conference content at MWC gave visitors a chance to discuss the future of mobile and explore the world’s most cutting-edge, mobile-enabled products and services.
4 Reasons Why You Must Future Proof Your Technology
What does future proofing your technology mean? In my view, it means preparing your bank to deliver the best customer experience possible--today and tomorrow. Research from Greenwich Associates indicates that the customer experience and ease of doing business are key drivers of loyalty. Extracting value from your technology investments so you can provide a superior customer experience is not only important because of the impact on service, but also on loyalty.
I want to focus on 4 reasons why future proofing your technology is important. These insights are a sneak preview into some of the findings from our upcoming whitepaper produced with Ovum, the annual Global Payment Insight Series.
Increasing Collections & Satisfaction: Real-Time Payments for Loan Servicing
The old adage that “cash is king” is precisely that: old. In today’s world, convenience is king and real-time payments deliver it in spades. Consider that convenient ways to pay can reduce late payments by up to 76%, while reducing call center volumes by up to 83%, and it’s no wonder lenders are expanding their offerings over time to include checks, ACH, debit cards and now real-time payments.
GDPR: Modern Wealth Is In Your Digital DNA
Hands up if you don’t really know what GDPR is… don’t worry, you’re not alone in fact, 6 in 10 people have never heard of it.
And why should the average consumer know about the General Data Protection Regulation (GDPR)? The regulation itself, which will become enforceable in May 2018, is designed to stop businesses using our data without our knowledge or consent. And that consent means complete transparency on how our data is being used. This sounds like a very reasonable expectation for consumers to have, which of course begs the question; why hasn’t this been the standard up until now?
Fintech Frenzy and Fun
I’m in vibrant Singapore for day one of the inaugural Money20/20 Asia... or is this day two? I’ve lost all concept of time this week (and didn’t realize how close Singapore is to the equator… it’s like wicked hawt outside!) And I’m joined once again by my ever-intrepid Rantings colleague to rant about what’s happening in this fun-filled world of payments.
How the Merchant Payment Ecosystem Can Create Value in Instant Payments
Recently, ACI conducted some research into the appetite to make use of instant payments among corporates. The results were overwhelmingly favorable, but when we think about the benefits of immediate payments for corporates, it does seem obvious that they would want to leverage this new payment type.